The basics of PCI Compliance are similar to the standard business practices you already use to safeguard your own business. You lock your doors as a matter of course, right? Well, to protect your customers' information, you also need the proper “locks” on your credit card processing system and network.
A recent study of US and European businesses by Forrester Consulting revealed activities that may put cardholder data at risk:
- 81% store payment card numbers
- 73% store payment card expiration dates
- 71% store payment card verification codes
- 57% store customer data from the payment card magnetic stripe
- 16% store other personal data
The Payment Card Industry (PCI) standards were established to help you safeguard customer information—and protect your business.
If you accept credit cards at your auto dealership (or any other business for that matter), you are required to be PCI compliant.
12 Key Requirements for PCI Compliance
Build and Maintain a Secure Network
1: Install and maintain a firewall configuration to protect cardholder data
2: Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
3: Protect stored cardholder data
4: Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
5: Use and regularly update anti-virus software
6: Develop and maintain secure systems and applications
Implement Strong Access Control Measures
7: Restrict access to cardholder data by business need-to-know
8: Assign a unique ID to each person with computer access
9: Restrict physical access to cardholder data
Regularly Monitor and Test Networks
10: Track and monitor all access to network resources and cardholder data
11: Regularly test security systems and processes
Maintain an Information Security Policy
12: Maintain a policy that addresses information security
As a merchant, you are at the center of payment card transactions, so it is imperative that you use standard security procedures and technologies to thwart theft of cardholder data.
If you need help navigating the PCI Compliance maze for your auto dealership, Novera Payment Solutions can help. We take the mystery out of the process and requirements, as well as help ensure that your business is fully compliant.